ScriptFTP LIST Remote Buffer Overflow

Rocco Calvi

October 12, 2011

CVE: CVE-2011-3976
Affected Vendor: AmmSoft
Affected Product: ScriptFTP
Exploit Type: Metasploit Module
Metasploit Module: exploit/windows/ftp/scriptftp_list

Description

AmmSoft ScriptFTP client 3.3 and earlier is susceptible to a remote buffer overflow that is triggered when processing a sufficiently long filename during a FTP LIST command, resulting in overwriting the exception handler and enabling arbitrary code execution.

References

Rapid7 Module